top of page

ISAG Privacy policy

This is the privacy notice of the Independent Scientific Advisory Group. In this document, "we", "our", ISAG or "us" refers to the Independent Scientific Advisory Group. We are multidisciplinary group of scientists, academics, and researchers who have come together to advocate for a SARS-CoV-2 elimination strategy for the island of Ireland.


This notice is to inform you about the data that we collect and your rights in respect of that data. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information” or “personal data”) such as name, address, date of birth, etc. Where “process” is used in this policy it means the collection, storage, transfer or use of personal information. ISAG is a Data Controller and processes data for the purposes of this notice. See the glossary at the end for more details on what this means.


If there are aspects of the policy that you are not happy with please leave our website immediately.


ISAG takes your privacy and the confidentiality of information that you supply to us very seriously. People who use our website are entitled to know that their personal data will not be used for any purpose that they aren't aware of, and that their data will not be passed to a third party without their consent. The only information about you which will be held by us is information which you yourself provide to us and any such information will be treated with the highest standards of security.


This notice relates to ISAG’s privacy practices in connection with this website. We may link to other websites, but we cannot be responsible for the content or privacy practices on those sites. Any links posted on our website should be accessed at the users own risk. 


We will preserve the confidentiality of all information you provide to us. Our policy complies with applicable Irish law and the General Data Protection Regulation (GDPR).


More information about your data rights can be found at the website of the Data Protection Commission at We recommend that you read the information provided by the Data Protection Commissioner alongside this notice. The Data Protection Commission is the supervisory authority for ISAG. 


Data may be processed outside the European Union. Our website is hosted by servers in the United States of America. ISAG is hosted on the platform. provides us with the online platform that allows us to communicate with you. Your data may be stored through’s data storage, databases and the general applications. They store your data on secure servers behind a firewall.


Accordingly, data obtained within Ireland or any other country could be processed outside the European Union. The data protection clauses in our contracts with data processors include transfer clauses written by or approved by a supervisory authority in the European Union. Except as set out below, we will not share, sell, or disclose to a third party, any information collected through our website.


Your rights and our obligations:


Irish Law (and the GDPR) gives people rights over what happens with their data. These rights means that we have certain obligations. We are obliged to:


●    To obtain and process data fairly.

●    To keep data only for one or more specified explicit and lawful purpose.

●    To process data only in ways compatible with the purposes for which it was given to us initially.

●    To keep data safe and secure.     

●    To keep data accurate and up-to-date.     

●    To ensure that all data processed is adequate, relevant and not excessive. 

●    To retain data no longer than is necessary for the specified purpose or purposes; and 

●    To give a copy of his/her personal data to any individual on request 


This is not a full list of our obligations and we recommend that you read the Data Protection Commission website (above) to find out more. 


You have the right to: 


•    Request access to your personal data;

•    Request correction or deletion of your personal data;

•    Object to our use and processing of your personal data;

•    Request that we limit our use and processing of your personal data; and

•    Request portability of your personal data.


If you wish to exercise any of these rights please contact us using the details below. When we receive a request we may need to verify your identity before taking any action.


Our email address for such communications is isagcovid19 [at]


In addition to this you may make a complaint about our data processing activities to a supervisory authority. The supervisory authority for the ISAG is the Data Protection Commissioner - Ireland (


Data processing and the law:


The law requires us to determine under which of six defined bases we process different categories of your personal information, and to notify you of the basis for each category.

If a basis on which we process your personal information is no longer relevant, then we will stop processing your data.


The basis upon which we can lawfully process your data is:


•    You have given consent to the processing of your personal data for one or more specific purposes

•    Processing is necessary for the performance of a contract to which you are party or in order to take steps at your the request prior to entering into a contract

•    Processing is necessary for compliance with a legal obligation to which ISAG is subject

•    Processing is necessary in order to protect your vital interests or those of another natural person

•    Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in ISAG.

•    Processing is necessary for the purposes of the legitimate interests pursued by ISAG or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection of personal data, in particular where the data subject is a child. 


What information we collect and how we use it:


ISAG will collect and process your data in the following ways:


Contractual Basis


If you agree to our terms of service, which are necessary for some services, you are forming a contract with us. In order to carry out our obligations under that contract we must process the information you give us. 

We may use it in order to provide you with our services provide you with suggestions about services and how to obtain the most from using our website.


We process this information on the basis that you have requested we use the information before we enter into a legal contract.


Additionally, we may aggregate this information in a general way for example to monitor our performance with respect to a particular service we provide. If we use it for this purpose, we will do so in a way that means that you cannot be identified. 


We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.




Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide you more information about our campaign, you provide your consent to us to process information that may be personal information. We will obtain your unambiguous consent to process this information, for example, by ensuring that when you join our mailing lists you know what information is stored and how we use it.  Enquiries made through our 'contact form' are passed on by email to ISAG volunteers. We are committed to deleting mailing lists entirely by 1st February 2022 or before, when this campaign is finished. 


Sometimes you might give your consent implicitly, such as when you send us a message by e-mail to which you would reasonably expect us to reply.


We continue to process your information on this basis until you withdraw your consent or we reasonably assume that your consent no longer exists.


Legitimate Interest


We may process information on the basis there is a legitimate interest, either to you or to us, of doing so. Where we process your information on this basis, we do after having given careful consideration to:


•    whether the same objective could be achieved through other means

•    whether processing (or not processing) might cause you harm

•    whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so.


For example, we may process your data on this basis for:

•    record-keeping for the proper and necessary administration of ISAG

•    responding to unsolicited communication from you to which we believe you would expect a response

•    protecting and asserting the legal rights of any party

•    insuring against or obtaining professional advice that is required to manage risk

•    protecting your interests where we believe we have a duty to do so.


Legal obligation


ISAG is subject to Irish Law. There are circumstances where we may be required to process your information in order to comply with that law. ISAG will comply with any lawful demand for information, such as a court order.


Information this website collects automatically


The ISAG website may receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; computer and connection information. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We may also collect personally identifiable information (including name, email, password, communications); comments, feedback, recommendations, and personal profile.


Usage information: We use Google Analytics to collect information about your usage of our website. The usage data includes information such as pages viewed, your geographic location, the browser used, and information about your device. To opt-out of this data collection you can install the Google Analytics opt-out tool, or you can choose to disable cookies on our site.


Information from cookies: A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. 


You can modify your cookie settings upon entry to the site. Information on cookies from are available at


Do Not Track Signals: Your Web browser may have a “do not track” setting which, when enabled, causes your browser to send a do not track HTTP header file or “signal” to each site you visit. Please note that our Web service provider ( do not change their practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.


Log information: Technical details in connection with visits to this website are logged for our statistical purposes. The technical details logged include the following items: the IP address of your internet connection, the type of browser you are using, the date and time you accessed our site, the pages you have accessed and the documents downloaded, and the previous website address from where you reached us, including any search terms used.


We use this automatically collected information to remember your preferences and settings - for example by remembering your cookie preference so that you will not have to re-set it during this or subsequent visits. We also use this information to analyse trends, administer or optimize the website, monitor usage or traffic patterns (including to track users’ movements around the website) and gather demographic information about the people who visit our website. 


We may also use this information to control unauthorized use or abuse of the website, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal.


Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us, to provide you with the services you have requested, to comply with other law or to support a claim or defence in court.    


We may modify or update this Privacy Statement from time to time and so you should review this page periodically.


This Privacy Statement was last amended on the 1st of February, 2021.


If you have any question regarding our privacy policy, please contact us at isagcovid19 [at], clearly marked ‘Privacy Concern’ in the subject line.





“Data” means Manual Data (i.e. information that is recorded as part of a relevant filing system or with an intention that it should form part of a relevant filing system) and automated data (i.e. information that is being processed automatically in response to instructions given for that purpose or information that is recorded with the intention that it be so processed).


“Data Controller” means a person who, either alone or with others, controls the contents and use of Personal Data.


“Data Subject” means the individual who is the subject of Personal Data.


“Cookies” Small pieces of information, stored in simple text files, placed on your computer by a web site. Cookies can be read by the web site on your subsequent visits. The information stored in a cookie may relate to your browsing habits on the web page, or provide you with a unique identification number so that the web site can “remember” you on your return visit. Generally speaking, cookies do not contain personal information from which you can be identified, unless you have furnished such information on the website.

“Disclosure” of Personal Data includes the disclosure of information extracted from such data, but does not include a disclosure made directly, or indirectly, by a Data Controller to an employee or agent of his for the purpose of enabling the employee or agent to carry out his duties; and where the identification of a Data Subject depends partly on the Data and partly on other information in the possession of the Data Controller, the Data will not be regarded as disclosed unless the other information is also disclosed.

“Personal Data” means data in relation to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the Data Controller.


“Processing” (of Data) means performing any operation or set of operations on the information or Data, whether or not by automatic means, including: (a)obtaining, recording or keeping the Data; (b) collecting, recording, organising, storing, altering or adapting the Data; (c) retrieving, consulting or using the Data; (d) disclosing the Data by transmitting, disseminating or otherwise making it available; and (e) aligning, combining, blocking, erasing or destroying the Data.


“Sensitive Personal Data” means Personal data as to (a) the racial or ethnic origin, the political opinions or the religious or philosophical beliefs of the Data Subject; (b) whether the Data Subject is a member of a trade union; (c) the physical or mental health of condition or sexual life of the Data Subject; (d) the commission or alleged commission of any offence by the Data Subject; and (e) any proceedings for an offence committed or alleged to have been committed by the Data Subject, the disposal of such proceedings or the sentence of any court in such proceedings.

bottom of page